I have created a web application php / mysql based.
Now I have a little problem: being an encryption service it should be run on a secured line ? that means the communication between the server [Apache in this case] and the client?s browser should be secured. I know about the SSL communication but that means you need a certificate. In this case the communication is encrypted so if some one tries to intercept the communication it will not be able to se the information in plain text. A certificate is rather expensive for me right now so I am asking about alternatives. I was thinking about a java script function to encrypt the information on the local machine and than, encrypted information is sent via internet to the server where it should be decrypted and encrypted using the strong well known algorithms supported by mcrypt extension, before stored in the database.
I would need/like an opinion regarding the use of java script function to encrypt the information before sending it on the ?wild? ? I don?t expect this method to be stronger than a certificate and a SSL connection, but what are the other options to protect the information traveling over internet? Maybe some example of good java script functions? I have seen only very light functions ? more to be use in didactic scopes!
Thank you in advance!
http://antisystem.info